European cyber report details problems with and solutions for supply chain attacks.
Welcome to Cyber Security Today. It’s Wednesday August 4th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.
IT departments need to assess the cybersecurity maturity of the software and hardware products they buy. That’s the recommendation of the European Union Agency for Cybersecurity, which looked at the increasing number of cyberattacks that are going through the supply chain. These include attacks on applications like Microsoft Exchange, SolarWinds Orion and, most recently, Kaseya VSA. Through one supplier an attacker can spread malware to many. Unfortunately IT departments have to rely on the trustworthiness of vendors. Which means not only do end-user organizations have to be tougher on suppliers, creators of hardware and software products have to be tough on their cybersecurity and application development processes. So, the report says, buyers should document their suppliers, define risks levels for each and monitor them for risks and threats. Software and hardware developers should ensure their infrastructure and processes can’t be manipulated. There’s a link to the full report, which looks at 24 supply chain attacks, in the text version of this podcast at ITworldCanada.com
Here’s one of the latest examples of a possible and unusual vector for a supply chain attack: A hospital’s pneumatic tube system. A warning has gone out to hospitals using the Swisslog Translogic PTS pneumatic tube system for distributing lab specimens and medications. The software running the system has critical vulnerabilities. They were discovered by a security firm called Armis. It says the problems could allow an attacker to take over the systems’ control panel, disrupt the system and hold the hospital to ransom. Another possibility is data theft of sensitive patient health information. Swisslog says the vulnerabilities could only be leveraged if an attacker first gets into the hospital’s IT system. Seven of the eight vulnerabilities have been fixed in a recent firmware update. The other can be blunted with a mitigation.
And here’s another supply chain problem: Vulnerabilities were recently found in software libraries of the Python Package Index. Python is a language used for software development. The repository holds code that can be re-used by developers. Fortunately these bugs have been fixed, but applications using the index may have to be updated.
Cyber extortionists go after any organization that has valuable information in hopes that it is desperate to pay up. The latest example is an attack on an Italian healthcare IT system. In what sounds like a ransomware attack, news reports say the servers of the health department of the Lazio region – which includes Rome – were recently encrypted. Among the services impacted was the COVID-19 vaccination reservation system. It seems no data was stolen. Instead the attackers are demanding a ransom to get access to the data back. And a government would have the money to that, if it knuckled under to blackmail.
Video conferencing provider Zoom has agreed to pay $85 million to settle a lawsuit that accused it of violating users’ privacy by allowing unapproved people to enter and disrupt online meetings. The Techcrunch news site reports the agreement still has to be approved by a U.S. judge. It says American subscribers would receive 15 per cent refunds on their core subscriptions, or $25, whichever amount is larger.
Finally, if you have an Android phone keep an eye out for a security patch. Google this week released its monthly fixes for the Android mobile operating system. However, getting the update depends on your phone and carrier. Google Pixel phones get them fast. So do some Samsung phones. However, it’s up to manufacturers and carriers to decide how fast phones get the updates. You should regularly log into the Android store anyway to check for updates for Android as well as for your apps.
That’s it for now Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.